Directory Traversal Vulnerability in Synerion TimeNet Version 9.21 Allows Unauthorized Access to Restricted Files

Directory Traversal Vulnerability in Synerion TimeNet Version 9.21 Allows Unauthorized Access to Restricted Files

CVE-2021-36717 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Synerion TimeNet version 9.21 contains a directory traversal vulnerability where, on the "Name" parameter, the attacker can return to the root directory and open the host file. This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.

Learn more about our Web Application Penetration Testing UK.